DQ-MOTAG: Deep Reinforcement Learning-based Moving Target Defense Against DDoS Attacks
The rapid developments of mobile communication and wearable devices greatly improve our daily life, while the massive entities and emerging services also make Cyber-Physical System (CPS) much more complicated. The maintenance of CPS security tends to be more and more difficult. As a "gamechangi...
Saved in:
Published in: | 2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC) pp. 375 - 379 |
---|---|
Main Authors: | , , , , , |
Format: | Conference Proceeding |
Language: | English |
Published: |
IEEE
01-07-2020
|
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | The rapid developments of mobile communication and wearable devices greatly improve our daily life, while the massive entities and emerging services also make Cyber-Physical System (CPS) much more complicated. The maintenance of CPS security tends to be more and more difficult. As a "gamechanging" new active defense concept, Moving Target Defense (MTD) handle this tricky problem by periodically upsetting and recombining connections between users and servers in the protected system, which is so-called "shuffle". By this means, adversaries can hardly obtain enough time to compromise the potential victims, which is the indispensable condition to collect necessary information or conduct further malicious attacks. But every coin has two sides, MTD also introduce unbearable high energy consumption and resource occupation in the meantime, which hinders the large-scale application of MTD for quite a long time. In this paper, we propose a novel deep reinforcement learning-based MOTAG system called DQ-MOTAG. To our knowledge, this is the first work to provide self-adaptive shuffle period adjustment ability for MTD with reinforcement learning-based intelligent control mechanism. We also design an algorithm to generate optimal duration of next period to guide subsequent shuffle. Finally, we conduct a series of experiments to prove the availability and performance of DQ-MOTAG compared to exist methods. The result highlights our solution in terms of defense performance, error block rate and network source consumption. |
---|---|
DOI: | 10.1109/DSC50466.2020.00065 |